AI Security Laboratory Hands-On + Full-Stack

Students should have a general understanding of application security and some experience with web technologies and APIs. Basic familiarity with programming or scripting, security testing practices, and working with the command line is recommended.

You will need an OpenAI API key to participate in all the lab activities (see what students should bring).

As AI is an evolving field, additional requirements may be shared ahead of the training if needed.

Target audience

• Penetration testers & offensive professionals needing to learn novel AI exploitation vectors like prompt injection, non-deterministic application fuzzing, and LLM jailbreaking
• Security engineers & architects responsible for implementing open-source AI defence frameworks, data anonymisation flows, and guardrails like LLM Guard
• SOC analysts & incident responders learning to build agentic AI systems for real-time security operations and automated threat hunting
• AI & software developers integrating private or cloud-based LLM APIs (e.g., OpenAI) into production environments who must prevent AI-specific vulnerabilities
• Security practitioners deploying AI looking to automate daily workflows using advanced prompting, AI-powered shells, and custom Python automation scripts

After completing this training, you will have learned about:

• prompt injection: direct and indirect
• LLM jailbreaking
• fuzzing LLM applications
• AI-powered shell
• advanced prompting
• local LLMs / private AI
• AI programming
• AI attack detection
• OpenAI models and API
• embeddings
• quantization
• LLM Guard
• building agentic AI
• creating your own prediction model
• CVE research / PoC development with AI
• smarter AI assessing other AI
• specialized AI security tools

• AI/LLM attack vectors, including various forms of prompt injection and LLM jailbreaking techniques
• AI programming for security practitioners, working with local LLMs / private AI and cloud models (OpenAI / API), and building AI workflows for security use cases (e.g. fully private AI setups)
• AI attack detection, including the use of local LLMs, anonymizing data before sending it to cloud LLM providers, and applying open-source defences such as LLM Guard
• Fuzzing LLM applications, which differs from traditional fuzzing due to the non-deterministic nature of modern LLMs
• Using AI in security practitioners' daily operations, including AI-powered shell, advanced prompting, and AI security tools
• Ready-to-use Python scripts, providing hands-on experience and reusable AI building blocks for daily security tasks
• Smarter AI assessing other AI, along with interesting AI techniques and projects for security practitioners
• CVE research and PoC development with AI
• Building agentic AI for real-time security operations

Exams and assessments

There is no exam available as part of this course.

Hands-on learning

This course is built around practical, applied security exercises that reflect how AI is being used, attacked, and defended in modern organisations. Learners will work through guided labs focused on offensive AI security techniques, defensive controls, and real-world AI engineering workflows.

Throughout the training, participants will:

• Perform prompt injection and LLM jailbreaking exercises against AI-powered applications.
• Fuzz LLM applications to understand the challenges of testing non-deterministic AI systems.
• Build and test AI-powered workflows using OpenAI APIs, embeddings, and local LLM deployments.
• Use AI security tooling, including LLM Guard, to detect and mitigate AI-related threats.
• Develop Python-based automation scripts and reusable AI security utilities for day-to-day operational use.
• Create and experiment with agentic AI systems for real-time security operations and decision-making.
• Apply AI techniques to vulnerability research, CVE analysis, and proof-of-concept development.
• Explore advanced AI evaluation approaches, including using AI systems to assess the behaviour and security of other AI models.

Learners will receive access to a dedicated VMware-based lab environment containing preconfigured tools, datasets, and exercises. Lifetime lab access allows continued experimentation and skills development after the course has ended.

What students will receive

Students will be given a VMware image with a specially prepared lab environment to work on many topics and exercises in this training. When the training is over, students can take the lab environment home (after signing a non-disclosure agreement) to continue practicing at their own pace.

What students should bring

Students will need a laptop with 64-bit operating system, at least 16 GB RAM, 120 GB free hard drive space, administrative access, ability to turn off AV/firewall and VMware Player/Fusion installed (64-bit version). Prior to the training, make sure there are no problems with running x86_64 VMs. You will need an OpenAI API key (required). A Lakera API key is optional.

Instructor

Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Dawid Czagan has found security bugs at Apple, Google, Mozilla, Microsoft and many others. Due to the severity of his findings, he received numerous awards.

Dawid Czagan shares his offensive security experience in his hands-on training courses. He delivered training sessions at key industry conferences such as DEF CON (Las Vegas), OWASP Global AppSec EU (Barcelona), Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), NorthSec (Montreal), HITB GSEC (Singapore) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and the government sector. Recommendations are available on Dawid Czagan's LinkedIn profile (https://www.linkedin.com/in/dawid-czagan-85ba3666/).

Dawid Czagan is the founder and CEO at Silesia Security Lab. To find out about the latest in his work, you are invited to subscribe to his newsletter (https://silesiasecuritylab.com/newsletter) and follow him on Twitter (@dawidczagan), YouTube (https://www.youtube.com/channel/UCG-sIlaM1xXmetFtEfqtOqg), and LinkedIn (https://www.linkedin.com/in/dawid-czagan-85ba3666/).

What students say about my courses

Recommendations are available on my LinkedIn profile (https://www.linkedin.com/in/dawid-czagan-85ba3666/) – training participants from companies such as Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips, the government sector, and others.